Links
AddLook’s like meat’s back on the menu, boys! Because next up in the trilogy is The Lord of The Rings: The Two Towers: The Extended Edition: The Honest Trailer!...
In this article, you will find a list of open source cybersecurity tools that you'll wish you'd known earlier.
After a decade in observability, I kept bumping into one question no vendor would answer: how much of your data is waste?
Contribute to ayang64/doomfire development by creating an account on GitHub.
🎥 Step inside the surreal world of The Goodies, where chaos became genius and three madmen turned television upside down. Discover the wild stunts, secret d...
The federally funded organization behind the Common Vulnerabilities and Exposures (CVE) program confirmed that its contract to support the system will expire on April 16th.
Short-lived and IP address certificates are now generally available from Let’s Encrypt. These certificates are valid for 160 hours, just over six days. In order to get a short-lived certificate subscribers simply need to select the ‘shortlived’ certificate profile in their ACME client. Short-lived certificates improve security by requiring more frequent validation and reducing reliance on unreliable revocation mechanisms. If a certificate’s private key is exposed or compromised, revocation has historically been the way to mitigate damage prior to the certificate’s expiration. Unfortunately, revocation is an unreliable system so many relying parties continue to be vulnerable until the certificate expires, a period as long as 90 days. With short-lived certificates that vulnerability window is greatly reduced.
April 25, 2023: We’ve updated this blog post to include more security learning resources. AWS recently released the AWS Security Incident Response whitepaper, to help you understand the fundamentals of responding to security incidents within your cloud environment. The whitepaper reviews how to prepare your organization for detecting and responding to security incidents, explores the […]
SSHamble helps security teams validate SSH implementations and test for uncommon but dangerous misconfigurations and software bugs.
Manage multiple runtime versions with a single CLI tool
Documentation and guides from the team at Fly.io.
Design, test, and distribute Agent Skills with reusable templates, collaborative reviews, and multi-surface deployment.
There are plenty of incredible open source Android games available for your smartphone, but to get your started, here are my favorites.
Introduction: when the trust model can’t be trusted Secrets vaults are the backbone of digital infrastructure. They store the credentials, tokens, and certificates that govern access to systems, services, APIs, and data. They’re not just a part of the trust model, they are the trust model. In other words, if your vault is compromised, your […]
No patches yet, can be mitigated, requires user interaction
August 31, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info You can now encrypt and decrypt your data at the command line and in scripts—no […]
Apps often demand excessive permissions, accessing your contacts, location, and more. Discover why sticking to your browser offers better privacy and control.
Notion AI is susceptible to data exfiltration via indirect prompt injection due to a vulnerability in which AI document edits are saved before user approval.